Introduction

Do not pass untrusted user input to wddx_deserialize().
Unserialization can result in code being loaded and executed due to object
instantiation and autoloading, and a malicious user may be able to exploit
this. Use a safe, standard data interchange format such as JSON (via
json_decode() and json_encode()) if
you need to pass serialized data to the user.

User Contributed Notes 1 note

"The Web Distributed Data Exchange, or WDDX, is a free, open XML-based technology that allows Web applications created with any platform to easily exchange data with one another over the Web."

"WDDX is an XML-based technology that enables the exchange of complex data between Web programming languages, creating what some refer to as 'Web syndicate networks'. WDDX consists of a language-independent representation of data based on an XML 1.0 DTD, and a set of modules for a wide variety of languages that use WDDX. WDDX can be used with HTTP, SMTP, POP, FTP and other Internet protocols that support transferring textual data."